There is an unsaved comment in progress. You will lose your changes if you continue. Are you sure you want to reopen the work item?

8

Closed

packageSourceCredentials does not accept plain text credentials

description

This is related to the issue
http://nuget.codeplex.com/workitem/1744 the current implementation of packageSourceCredentials is effectively worthless. It requires bonding passwords to specific machines, there is almost zero use case for this to provide value. The only scenarios this
has any meaning would perhaps be in an iron fist ruled network where developers aren't even given direct access to their internal nuget feed.

packageSourceCredentials really just needs to support plain text passwords. Some suggestions

Just submitted a pull request to support sharing of clear-text passwords in hierarchical nuget.configs.Pull Request

Philosophy: NuGet always saves encrypted packagesource credentials. Only user can deviate to clear-text in local nuget.config by adding a <add key="ClearTextPassword" value="topsecret"/> element to the <PackageSource>.